rm protection

Is there any way to protect certain directories from deletion as root? Today I just installed a second distro along side arch and without due care I rm -rf * (my current working directory was /, I was half asleep). I was lucky that it didn't remove /boot (which has several kernels) or /home which is shared between distros and has some data that would be a pain in the ass to lose. It prompted me to make some changes to my mount, I now only mount partitions holding windows/arch/distroX/boot/foo as needed and with certain mounts (like boot) I can mount as ro.

There are two issues - the first being that I have a /home mount that is shared across distros. Since i need write access for the distro I have currently booted I cannot mount it as ro. Is there a sysctl setting I can use to mark some directories as read only? is there support in the kernel to do so? is there a patch that does so? The second is just /, it would be at least nice to be asked, first, if you want to rm -rf /, I doubt there are many instance where you would want to do that. Is there any protection available for these issues?

Re: rm protection

Re: rm protection

Don't think there's really a way to protect yourself. Even aliasing rm -I won't help you much, as it will trigger at nearly every use, so after some you will be confirming it more or less automatically and it will only become a nuisance. As every command, rm will do exactly what you ask it to do, and it doesn't know it was by mistake.

Of course there's something you can do about it though - work around the issue. If you want to remove a whole directory full of files and you're feeling sleepy, don't use rm. Use find instead:

find /path/to/directory/you/want/to/delete/

will list every single file in that place. You might want to |less it if the output is long, so you could carefuly go through it.

And if that list is exactly the same as list of files you actually want deleted, then

find /path/to/directory/you/want/to/delete/ -delete

and it will all be gone. Just append -delete to a command whose output you already saw and checked. Obviously you'll use bash history while doing that, so there's no danger of making a mistake in a path, accidentally pressing enter before you're finished, etc etc.

As foolproof as it gets. Obviously you can adjust it to your needs as much as you want, it's really simple. For example, when you want to delete all contents of current directory, then find will give you the list of its contents, and find -delete will delete everything inside.

Simple, isn't it

Running arch is like raising a puppy - if you spend a bit of time with it each day and do just a bit of training you'll end up with the most loyal partner you could want; if you lock it in a room and don't check on if for several days, it'll tear apart your stuff and poop everywhere.

Re: rm protection

xs wrote:

I think It's easy enough to just use absolute paths (avoid asterisks and ./). After a few reformats you should get in the habit of creating a backup image (cloning) anyway.

+1 !!It is not a mistake one makes too many times - I believe I have done it twice in 15 years.The work involved in getting things back in order makes you automatically think twice before pushing 'Enter' at the end of a rm-command ;-)

Re: rm protection

perbh wrote:

xs wrote:

I think It's easy enough to just use absolute paths (avoid asterisks and ./). After a few reformats you should get in the habit of creating a backup image (cloning) anyway.

+1 !!It is not a mistake one makes too many times - I believe I have done it twice in 15 years.The work involved in getting things back in order makes you automatically think twice before pushing 'Enter' at the end of a rm-command ;-)

One time is too many in production, and even the best of us mess up sometimes. Why not add the extra safety?

Re: rm protection

Re: rm protection

The safe-rm utility is a good choice to protect certain directories from deletion. You may also create a "-i" file which is then processed by rm requesting further action to remove a file; for example,

In contrast to deleting the files you can actually "move" them to a "trash" folder using the utilities available in the desktop environment of your choice. This has the advantage of an easy recovery (or future permanent deletion) using either your desktop environment or your command shell.

A simple "trash" script follows using KDE:

#!/bin/bash
kioclient move "$@" trash:/

Now you can delete any file or folder in the command line using "trash", for example,